/**
* @covers Zend\Db\RowGateway\RowGateway::delete
*/
public function testDelete()
{
$this->rowGateway->foo = 'bar';
$affectedRows = $this->rowGateway->delete();
$this->assertFalse($this->rowGateway->rowExistsInDatabase());
$this->assertEquals(1, $affectedRows);
}
/**
* @return $successfulDelete
*/
public function delete() : bool
{
if (static::DELETE) {
$sucess = (bool) $this->rowGateway->delete();
} else {
$success = false;
}
return $success;
}
public function delete()
{
/**
* ACL Enforcement
*/
$currentUserId = null;
if (Auth::loggedIn()) {
$currentUser = Auth::getUserInfo();
$currentUserId = intval($currentUser['id']);
}
$cmsOwnerId = $this->acl->getRecordCmsOwnerId($this, $this->table);
/**
* Enforce Privilege: "Little" Delete (I am the record CMS owner)
*/
if ($cmsOwnerId === $currentUserId) {
if (!$this->acl->hasTablePrivilege($this->table, 'harddelete')) {
$recordPk = self::stringifyPrimaryKeyForRecordDebugRepresentation($this->primaryKeyData);
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableDeleteException($aclErrorPrefix . "Table harddelete access forbidden on `" . $this->table . "` table record with {$recordPk} owned by the authenticated CMS user (#{$cmsOwnerId}).");
}
} else {
if (!$this->acl->hasTablePrivilege($this->table, 'bigharddelete')) {
$recordPk = self::stringifyPrimaryKeyForRecordDebugRepresentation($this->primaryKeyData);
$recordOwner = false === $cmsOwnerId ? "no magic owner column" : "the CMS owner #{$cmsOwnerId}";
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . "Table bigharddelete access forbidden on `" . $this->table . "` table record with {$recordPk} and {$recordOwner}.");
}
}
return parent::delete();
}
public function delete()
{
parent::delete();
}
public function delete()
{
/**
* ACL Enforcement
*/
$currentUserId = $this->acl->getUserId();
$cmsOwnerId = $this->acl->getRecordCmsOwnerId($this, $this->table);
$isCurrentUserOwner = $cmsOwnerId === $currentUserId;
$canBigDelete = false;
$canDelete = false;
if (TableSchema::hasTableColumn($this->table, STATUS_COLUMN_NAME)) {
if ($this->acl->hasTablePrivilege($this->table, 'bigdelete')) {
$canBigDelete = true;
} else {
if ($this->acl->hasTablePrivilege($this->table, 'delete')) {
$canDelete = true;
}
}
}
if (!$canDelete && !$canBigDelete) {
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . ' forbidden to hard delete on table `' . $this->table . '` because it has status column.');
}
/**
* Enforce Privilege: "Little" Delete (I am the record CMS owner)
*/
if ($isCurrentUserOwner && !$canDelete) {
$recordPk = self::stringifyPrimaryKeyForRecordDebugRepresentation($this->primaryKeyData);
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableDeleteException($aclErrorPrefix . 'Table harddelete access forbidden on `' . $this->table . '` table record with ' . $recordPk . ' owned by the authenticated CMS user (#' . $cmsOwnerId . ').');
} elseif (!$isCurrentUserOwner && !$canBigDelete) {
/**
* Enforce Privilege: "Big" Delete (I am not the record CMS owner)
*/
$recordPk = self::stringifyPrimaryKeyForRecordDebugRepresentation($this->primaryKeyData);
$recordOwner = false === $cmsOwnerId ? 'no magic owner column' : 'the CMS owner #' . $cmsOwnerId;
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . 'Table bigharddelete access forbidden on `' . $this->table . '` table record with $recordPk and ' . $recordOwner . '.');
}
return parent::delete();
}
